Vulnerability Details CVE-2024-29059
.NET Framework Information Disclosure Vulnerability
Exploit prediction scoring system (EPSS) score
EPSS Score 0.937
EPSS Ranking 99.8%
CVSS Severity
CVSS v3 Score 7.5
Proposed Action
Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.
Ransomware Campaign
Unknown
References
Products affected by CVE-2024-29059
-
cpe:2.3:a:microsoft:.net_framework:2.0
-
cpe:2.3:a:microsoft:.net_framework:3.0
-
cpe:2.3:a:microsoft:.net_framework:3.5
-
cpe:2.3:a:microsoft:.net_framework:3.5.1
-
cpe:2.3:a:microsoft:.net_framework:4.6
-
cpe:2.3:a:microsoft:.net_framework:4.6.2
-
cpe:2.3:a:microsoft:.net_framework:4.7
-
cpe:2.3:a:microsoft:.net_framework:4.7.1
-
cpe:2.3:a:microsoft:.net_framework:4.7.2
-
cpe:2.3:a:microsoft:.net_framework:4.8
-
cpe:2.3:a:microsoft:.net_framework:4.8.1
-
cpe:2.3:o:microsoft:windows_10_1507:-
-
cpe:2.3:o:microsoft:windows_10_1607:-
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_21h2:-
-
cpe:2.3:o:microsoft:windows_10_22h2:-
-
cpe:2.3:o:microsoft:windows_11_21h2:-
-
cpe:2.3:o:microsoft:windows_11_22h2:-
-
cpe:2.3:o:microsoft:windows_11_23h2:-
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-
-
cpe:2.3:o:microsoft:windows_server_2022:-
-
cpe:2.3:o:microsoft:windows_server_2022_23h2:-